package com.springboot.auth.authorization.config;

import com.springboot.auth.authorization.oauth2.QrUserDetailsService;
import com.springboot.auth.authorization.oauth2.enhancer.CustomAuthenticationProvider;
import com.springboot.auth.authorization.oauth2.enhancer.QrAuthenticationProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import com.springboot.auth.authorization.oauth2.granter.MobileAuthenticationProvider;

import lombok.extern.slf4j.Slf4j;

/**
 * Created by ZengJian on 2021/2/3 0003 上午 9:22
 */
@Slf4j
@Configuration
@EnableWebSecurity
public class WebServerSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    @Qualifier("userDetailsService")
    private UserDetailsService userDetailsService;

    @Autowired
    @Qualifier("mobileUserDetailsService")
    private UserDetailsService mobileUserDetailsService;

    //    @Autowired
//    @Qualifier("qrUserDetailsService")
//    private QrUserDetailsService qrUserDetailsService;
    @Autowired
    @Qualifier("qrUserDetailsService")
    private UserDetailsService qrUserDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable();
        http.authorizeRequests()
                .antMatchers("/actuator/**").permitAll()
                .antMatchers("/captcha/**").permitAll()
                .antMatchers("/authcode/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .permitAll();
    }

    /**
     * 注入自定义的userDetailsService实现，获取用户信息，设置密码加密方式
     *
     * @param authenticationManagerBuilder
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {


        authenticationManagerBuilder
                .userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder());
//        authenticationManagerBuilder
//                .userDetailsService(qrUserDetailsService)
//                .passwordEncoder(passwordEncoder());

        // 设置手机验证码登陆的AuthenticationProvider
        // .authenticationProvider(authenticationProvider())
        authenticationManagerBuilder.authenticationProvider(mobileAuthenticationProvider());
        authenticationManagerBuilder.authenticationProvider(qrAuthenticationProvider());

    }
//
//    @Bean
//    public DaoAuthenticationProvider authenticationProvider(){
//        DaoAuthenticationProvider provider=new DaoAuthenticationProvider();
//        provider.setHideUserNotFoundExceptions(false);
//        provider.setUserDetailsService(userDetailsService);
//        provider.setPasswordEncoder(passwordEncoder());
//        return provider;
//    }

    /**
     * 将 AuthenticationManager 注册为 bean , 方便配置 oauth server 的时候使用
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * 创建手机验证码登陆的AuthenticationProvider
     *
     * @return mobileAuthenticationProvider
     */
    @Bean
    public MobileAuthenticationProvider mobileAuthenticationProvider() {
        MobileAuthenticationProvider mobileAuthenticationProvider = new MobileAuthenticationProvider(this.mobileUserDetailsService);
        mobileAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        return mobileAuthenticationProvider;
    }

    @Bean
    public QrAuthenticationProvider qrAuthenticationProvider() {
        QrAuthenticationProvider qrAuthenticationProvider = new QrAuthenticationProvider(this.qrUserDetailsService);
        qrAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        System.out.println("qrAuthenticationProvider:" + qrAuthenticationProvider);
        return qrAuthenticationProvider;
    }

}
